电子科技2024,Vol.37Issue(5):71-78,8.DOI:10.16180/j.cnki.issn1007-7820.2024.05.010
基于行为特征和语义特征的多模态Android恶意软件检测方法
Multimodal Android Malware Detection Method Based on Behavioral and Semantic Characteristics
摘要
Abstract
Existing methods for detecting Android malware only consider a single kind of features,which do not fully describe the features of Android software.In order to solve the above problems,this study presents a multimodal Android malware detection method based on the permissions,byte code probability matrix and function call graph.At the same time,in order to solve the problem of feature representation of function nodes,a new node feature generation method is presented in this study in the generation of function call graph.In order to enrich the semantic information of opcode,a byte probability matrix generation method based on 2-gram is presented.The experiment proves that the method described the characteristics of Android software more comprehensively than other methods,and the de-tection accuracy rate reached 95.2%.Compared with the existing methods,the accuracy of this method has been im-proved by 22%on average,effectively improving the detection ability of Android malware.关键词
Android/特征融合/权限/字节概率矩阵/函数调用图/卷积神经网络/恶意软件检测/多模态Key words
Android/feature fusion/permission/byte probability matrix/function call graph/convolution neu-ral network/malware detection/multimodal分类
信息技术与安全科学引用本文复制引用
朱晋恺,方兰婷,季小文,黄杰..基于行为特征和语义特征的多模态Android恶意软件检测方法[J].电子科技,2024,37(5):71-78,8.基金项目
国家自然科学基金(61906039) (61906039)
至善青年学者计划 ()
中央高校基本科研专项资金(2242022k30007) National Natural Science Foundation of China(61906039) (2242022k30007)
The Best Young Scholars Program ()
Special Funds for Basic Scientific Research of Central Universities(2242022k30007) (2242022k30007)
